The IAM Business Security Architect will develop and deploy xIAM solutions, improve onboarding processes, and provide architecture advisory services for security operations.
Cloud Security Services is currently looking for an experienced external Identity and Access Management (xIAM / CIAM) architect with background in global, complex, and diverse xIAM environments to assist with the development of a program that will design, develop, and deploy xIAM solutions. Experience with business architecture is a plus as the right candidate will be enabling change management activities to identify areas where process controls could be made more efficient and help reduce cycle times for onboarding of new resources onto the team through training, education and mentoring activities. This is a 6-month remote opportunity with the possibility of going full-time.
Key Responsibilities:
Provide Business Architecture for Security support to meet primary goals for:
- Maturing Business Architecture for Security
- Operating Model
- Staffing Plan
- Clarifying Roles & Responsibilities
- RACI
- Role-Based Curricula Development
- Onboarding Process Improvement
- Reduce Ramp-up Time for New Hires
- xIAM Architecture Advisory
- Analysis
- Reference Architecture
- Solution Architecture
This is in order to (1) Advance client’s target state xIAM platforms / services with key capabilities around BYOID (Bring Your Own ID), common identity, modern authentication, core profile data management, consent & privacy management, etc. and (2) Meet the xIAM needs of specific applications by leveraging target state xIAM platforms / services where available, or by delivering interim solutions when requisite target state xIAM platforms / services are not yet finalized.
Responsibilities:
- xIAM program architecture support
- Support to advance product roadmap milestones, as needed
- Align target skill sets with business objectives and deliverables
- Develop RACI or related framework that outlines the resource roles and responsibilities in alignment with client objectives
- Facilitate and develop new hire (resource) onboarding processes
- Facilitate and develop new hire (resource) training content and processes
- Facilitate playbook creation and maintenance protocol
- Develop method to assess efficiency and effectiveness of onboarding processes
- Define and document continuous improvement recommendations
Required Skills:
- 7-10 years’ experience working in the Identity and Access management (IAM) information security space in an architecture and engineering capacity.
- 5-7 years’ experience with the following:
- Global Workforce IAM
- Global Consumer IAM (CIAM)
- Federation and single sign-on (B2B and B2C)
- National Institute of Standards and Technology (NIST) 800-53
- NIST 800-63
- NIST Cybersecurity Framework (CSF)
- Experience creating high and low level IAM architecture patterns
- Experience developing and implementing IAM strategies and roadmaps
- Experience with major IAM platforms including:
- Microsoft Active Directory
- One Identity Manager
- Ping Federate
- Experience building roles and responsibilities (e.g., RACI matrices)
- Experience with process control design
- Ability to work as liaison between business and information security/information technology
- Ability to clearly explain IAM & xIAM concepts to audiences of various levels.
- Broad and deep understanding of xIAM- and IAM-related capabilities, patterns, protocols, technologies, and solutions.
- Intimately familiar with xIAM- and IAM-related protocols such as OAuth, OIDC, SAML, LDAP,
SPML, XACML, SCIM, Kerberos, PKI (certs, CA’s, sigs, etc).
- Strong experience with directories, SSO, federation, MFA, RBA, delegated administration, API gateways, SOA services.
Preferred Skills:
- Experience with App Gateways, App Proxies, Live Chat, Chat Bots, Contact Centers, IVRs and Web Portals for CIAM
- Good understanding of MFA, PAM and Risk Based Authentication
- Deep technical experience with two or more xIAM technologies including Okta, Janrain / Akamai, Forgerock, Microsoft Azure B2C, Amazon AWS Cognito.
- Strong familiarity with adjacent technologies such as PingFederate/PingOne, IGA (e.g.: OneIM, Sailpoint), virtual directory (e.g.: Radiant), API management (e.g.: Apigee, Mulesoft).
- Understanding of industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls.
- Business process engineering experience
- Strong project management skills
- A deep overall understanding of business & technology transformation around digital identity both within and across enterprises, identity providers, and other entities.
- Excellent interpersonal communication skills with strong spoken and written English.
- Business outcomes mindset.
- Understanding of global regulations and compliance frameworks including
- NY DFS
- CCPA
- GDPR
- Solid balance of strategic thinking with detail orientation.
- Collaborative team worker – both in person and virtually using MS Teams or similar.
- Flexibility to accommodate working across different time zones.
- CISSP, CISM, or equivalent certification a plus.
- BS in Computer Science or related field of study, or equivalent work experience
Preferred Education:
- Cybersecurity certifications such as CISSP, CISM, etc.
Top Skills
Api Gateways
Ciam
Iam
Kerberos
Ldap
Mfa
Microsoft Active Directory
Oauth
Oidc
One Identity Manager
Ping Federate
Pki
SAML
Scim
Soa Services
Spml
Xacml
Similar Jobs
.png)
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
Lead Coinbase's global Technology Risk & Controls team, integrating risk management across all functions and ensuring compliance with regulations.
Top Skills:
CobitDoraFairIsoNist
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
As a Senior Software Engineer on the Risk Engineering team, you will lead projects, mentor engineers, improve system quality, and drive architectural decisions to enhance risk detection and fraud prevention. Your technical leadership will influence systems impacting millions of users.
Top Skills:
FlinkGoGrpcJavaKafkaMongoDBPostgresPythonSnowflake
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
As a Group Product Manager at Coinbase, you'll lead the Customer Engagement & Experience team to enhance retail customer support experiences using AI, drive automation, and improve customer satisfaction across multiple platforms.
Top Skills:
AIBlockchainConsumer ProductsData Analysis
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
